That should get you started. Anything you do will be a product of the environment you are asked to test. How you are going to do your discovery, enumeration, vulnerability assessment, exploitation attempts, internal capitalization, and reporting are all going to be slightly different depending on the situation.

Hey Guys, thanks... what it is I need is an example of how to carry out an Internal Pen test... like step by step and all that... I know the tools I should use but am not 100% confident of good strategy... "start with... then ..." sorta thing.

Take a look at the framework that I linked to again. It is basically a step-by-step example. What might be throwing you off is the fact that it includes a lot more information than "run this tool then this tool, wash, rinse, repeat".

Pentesting is a methodology that is dependent on a variety of factors.

If you're already plugged into the organization's network and you don't have any information pertaining to it, for example, IP addresses, type of OS, services running, etc., I would first use

Code:

tcpdump arp

as the first stage of the test in order to gain terrain awareness. By this, you will get to know the IP addresses of hosts working in the local network. Tcpdump is a passive tool in that it doesn't send any data onto the network but waits for packets sent by other computers. Therefore, the results won't appear right away. You need to be patient. After collecting a few IP addresses and knowing the network's address, I would use nmap or other scanners for scanning the entire network in hopes of discovering other computers that were not detected during ARP sniffing with Tcpdump. Now that you have identified all live hosts within the local network, proceed by scanning and enumerating each and every one of them for open ports, OS identification, banner grabbing, etc. With this information in hand, start researching available exploits on the Internet. You can also use a vulnerability scanner such as Nessus to assist you in finding vulnerabilities for the discovered hosts.

This was my quick and dirty, in-a-nutshell take on internal pen-testing. There's more to this but I hope this will help you get started.

For complete info on the subject, refer to the following links for a list of docs:
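The passive ARP step from the post above, as an added example that is not part of the original thread: it turns saved `tcpdump -n arp` output into a host inventory, estimates the covering network, and flags IPs answered for by more than one MAC. The sample lines are constructed, the function names are hypothetical, and the parser assumes tcpdump's default one-line ARP format with `-n` (numeric addresses).

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of `tcpdump -n arp` output (not from a real network).
SAMPLE = """\
10:15:01.000001 ARP, Request who-has 192.168.10.1 tell 192.168.10.23, length 28
10:15:01.000420 ARP, Reply 192.168.10.1 is-at 00:11:22:33:44:55, length 46
10:15:07.310000 ARP, Request who-has 192.168.10.200 tell 192.168.10.57, length 46
10:15:08.100000 ARP, Request who-has 192.168.10.77 tell 0.0.0.0, length 46
10:15:09.000000 ARP, Reply 192.168.10.1 is-at 66:77:88:99:AA:BB, length 46
10:15:12.500000 IP 192.168.10.23.5353 > 224.0.0.251.5353: UDP, length 45
"""

REQUEST = re.compile(r"ARP, Request who-has ([\d.]+)(?: \(\S+\))? tell ([\d.]+),")
REPLY = re.compile(r"ARP, Reply ([\d.]+) is-at ([0-9a-fA-F:]{17})")

def parse_arp(text):
    """Return (senders, asked_only, macs) from tcpdump ARP lines."""
    senders, asked, macs = set(), set(), defaultdict(set)
    for line in text.splitlines():
        if m := REQUEST.search(line):
            asked.add(m.group(1))
            if m.group(2) != "0.0.0.0":  # ARP probe: sender has no address yet
                senders.add(m.group(2))
        elif m := REPLY.search(line):
            senders.add(m.group(1))
            macs[m.group(1)].add(m.group(2).lower())
    return senders, asked - senders, dict(macs)

def covering_network(addrs):
    """Smallest CIDR block containing every address (an estimate, not the real mask)."""
    ints = [int(ipaddress.IPv4Address(a)) for a in addrs]
    prefix = 32 - (min(ints) ^ max(ints)).bit_length()
    return ipaddress.ip_network((min(ints), prefix), strict=False)

def mac_conflicts(macs):
    """IPs answered for by more than one MAC: failover, a duplicate IP, or ARP spoofing."""
    return {ip: sorted(m) for ip, m in macs.items() if len(m) > 1}

if __name__ == "__main__":
    senders, asked_only, macs = parse_arp(SAMPLE)
    print("confirmed live:", sorted(senders, key=ipaddress.IPv4Address))
    print("asked for, unconfirmed:", sorted(asked_only, key=ipaddress.IPv4Address))
    print("estimated network:", covering_network(senders | asked_only))
    print("MAC conflicts:", mac_conflicts(macs))
```

Addresses that were only asked about are kept apart from confirmed senders because a who-has request proves nothing about its target being up.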